{"report_id":"2aaa2c17-a23c-4f0b-9faf-cd2898487ee2","version":6,"status":"done","tags":[],"date":"2025-10-23T07:07:04Z","url":{"schema":"http","addr":"secureorder.yerbamagik.com","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.1.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"title":"Checkout"},"submit":{"url":{"schema":"http","addr":"secureorder.yerbamagik.com","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.1.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-27T07:07:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-23T07:06:42Z","timestamp":1761203202,"ip_dst":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":60660,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2025-10-23T07:06:42.485336+0000\",\"flow_id\":1806256348222286,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":60660,\"dest_ip\":\"104.26.12.205\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":915,\"bytes_toclient\":1654,\"start\":\"2025-10-23T07:06:42.480078+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-23T07:06:42Z","timestamp":1761203202,"ip_dst":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":60664,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2025-10-23T07:06:42.487793+0000\",\"flow_id\":558473859454352,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":60664,\"dest_ip\":\"104.26.12.205\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3510,\"start\":\"2025-10-23T07:06:42.480656+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"secureorder.yerbamagik.com","ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-27","domain_rank":0,"first_seen":"2025-10-23T07:07:07.343989Z","last_seen":"2025-10-23T07:07:07.343989Z","alert_count":0,"request_count":7,"received_data":4442638,"sent_data":3783,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"io.ecommcheckout.com","ip":{"addr":"34.8.76.186","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2024-10-16","domain_rank":1369143,"first_seen":"2025-06-15T05:45:04.005136Z","last_seen":"2025-09-30T12:40:01.441447Z","alert_count":0,"request_count":2,"received_data":49846,"sent_data":1033,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"o4508954741309440.ingest.us.sentry.io","ip":{"addr":"34.120.195.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2012-04-07","domain_rank":6917745,"first_seen":"2025-10-23T07:07:07.338774Z","last_seen":"2025-10-23T07:07:07.338774Z","alert_count":0,"request_count":1,"received_data":562,"sent_data":638,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2025-10-20T00:00:00.591325Z","alert_count":0,"request_count":2,"received_data":542,"sent_data":930,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-23T07:06:42Z","timestamp":1761203202,"ip_dst":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":60660,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2025-10-23T07:06:42.485336+0000\",\"flow_id\":1806256348222286,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":60660,\"dest_ip\":\"104.26.12.205\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":915,\"bytes_toclient\":1654,\"start\":\"2025-10-23T07:06:42.480078+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-23T07:06:42Z","timestamp":1761203202,"ip_dst":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.9","port":60664,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2025-10-23T07:06:42.487793+0000\",\"flow_id\":558473859454352,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":60664,\"dest_ip\":\"104.26.12.205\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3510,\"start\":\"2025-10-23T07:06:42.480656+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"abe39fdad2c874b5812172356e6d0419","sha1":"6edf69222401ca4f94ca05077f432983376ed055","sha256":"f1b630493d82ca4cb8479e404ea1b276962f9edc6b46c7a2fb8e85812eba6caa","sha512":"83785932c07593f80325abb34e8795fdd73062fd38b857682d3728453be5de21b147b8b4268e13978e861adfe68fcc5cab6817f04e0a88a52feb7d90f292b6bf","ssdeep":"192:73/ytvRXrE2aTA70opeTDvEdTYGBzGNst5GP9qIpZggOhYEpl5C2jqPr:73/ytvRXrE2aTA7Bpe6HzgC6qasvpl56","tlshash":"c322f8c6be0273a496363485545f38e16ca9cd8e1442ea4f8340adf93c10f8c79bbe8d","size":10196,"data":"","first_seen":"2025-10-23T06:41:34.8511Z","last_seen":"2025-10-23T07:09:55.936794Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"io.ecommcheckout.com/phoenix.min.js","fqdn":"io.ecommcheckout.com","domain":"ecommcheckout.com","tld":"com"},"ip":{"addr":"34.8.76.186","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee9449ca9f784acc08c11deaa307d2f3","sha1":"c361c4b1a05fe25f7421331e4d8aac111179bcec","sha256":"71a6d3e3a7fb705d59e31afc16c4864ed5c69636ae44a8f941a70bd22338552f","sha512":"a853661d1640bec25663988699913983fb1b4055230a2d1d1f138703915be00315b2a0d63d2acb9d26ac573eaf1a1eb5019d9ca2f2c8e7de215c657f024f55d9","ssdeep":"768:6KAtkG1qyZUhPYqc1G27d89LT6VBqrWOPGNQ9ZweA9CV/UvFVx0yCJ2OPL9601MT:6KaUPUX26uApCpgpib0T","tlshash":"c223f8c5b360507243e261e384b64203f329a9593406809cbb6cdefb6b6ddc6b176f76","size":48873,"data":"","first_seen":"2025-10-23T07:07:12.107394Z","last_seen":"2025-10-25T13:29:32.58382Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"869771db7e2cfaf3785dc621f88b8713","sha1":"2d613709b600ecbdbb2489af3ce3f599ec280ed7","sha256":"8351734d7cdf204c2d4e033b482962960ddf72f31cee265171998beeea1c7087","sha512":"fa068a4a3365f954c074fa3954ecbd4f325486cdc15bed0d30abaf0fb8f42d6b33f70fe176b2f491cb4c5d6e7d39cf3b8a7fa34238523fb0db868d3da93ff2ef","ssdeep":"","tlshash":"8b81409416aa053b05bb629e274f1604327250a73216dc547fcdcbe82fe6c2388d7bca","size":4076,"data":"","first_seen":"2025-10-23T07:07:12.254508Z","last_seen":"2025-10-25T13:29:32.75125Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a44779ff532f64c4e923b5b0700b3ef2","sha1":"01463af5618ed5830b43cc00a21938b8d3700e4a","sha256":"31dd76f3b64b9be553ae767d66b14c0fbe4fc788f38c495ec808bbf4388ec4e6","sha512":"f1b4e21f870bdd2ea146e7b9cfa9b1cbd3fa27dd1f55d891b733afa8dd52e3aed0a8bb5acd8e41a6431ded670ef6390bb6251c9bcc98c52f83ddb3cf05ba5da7","ssdeep":"","tlshash":"7911d07a3f291634c6d5414b317ee7a93e3250717a029044c26cdc255d18e8314efcbe","size":921,"data":"","first_seen":"2025-10-23T07:07:12.265455Z","last_seen":"2025-10-23T07:07:12.265455Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"761b8c9b242544ae75ed1bc88bacb494","sha1":"c77a839f0780baed43b9c37ccc1919cb4ff15059","sha256":"55b6b78e6f0c55936100431835c997fae9f0e02ca8c5cb7d77d6b24968b6dabb","sha512":"7008314ccca1f9a223942768857c2ed8b03200094ab379e440ed3ef38fb683f300b0d4d3b02be97c11c52085d7339be286994e7c191fbc2cbb04740ffabe7aa0","ssdeep":"","tlshash":"80f0275a13e71638906750291667d00e2627201f0692dc083e9c89552fa4b794afabd5","size":493,"data":"","first_seen":"2025-10-23T07:07:12.285328Z","last_seen":"2025-10-23T07:07:12.285328Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"42ef54baa9570f42e83bc6183f9086f2","sha1":"9ce07f3e46e4d948eba9bf528a8d5e187a6c3db9","sha256":"fae2ae00f910c1e7ebd0ff6a58b9f3243ca5e1be7947f7fe72df5133f3ae70f9","sha512":"02b029e0e8cc479e5b1c805744010c44eff07b5f1028a298e906cb0e3659ada409f3978d6befc41b5acfb0e50bb67f868f94fc755d3f037fb81f133487b122f6","ssdeep":"","tlshash":"0ed097ab2d748a3063ac020b20b3e3d4b27120b02762a50081cacc2b6f10ed304f2858","size":236,"data":"","first_seen":"2025-10-23T07:07:12.291244Z","last_seen":"2025-10-23T07:07:12.291244Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/static/js/main.cf480e60.js","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1df147f92c1b3dd233e7aca1f65730fc","sha1":"a8acd9d785c964f6dd0d7d81bd864d8a95183053","sha256":"1bd73ce2871ed0ba51ac54384ba67d7d4d55a9fccf13e301fb9dfeb01ce83fb9","sha512":"f24efd8d0d1bd790236320f3eaaeee08e1ec6d5638894350800c8013ab9b7dcbf70e7dadfd796dbe4f4bf6fbc1e674217df85d9a82e1627b529968e59a28b65c","ssdeep":"49152:83dbVeCiQRZplmGuIkzLZax2xV17xid6DwwwCv5lPQS42yyZV3xDme1g2YFnREaj:Gg6ub1s6DwwwMhAVHUZDsP","tlshash":"21163c98f691f8ecb5b78c95a07f401ab33d3e2a910940b0f6ee9cd525542c97226f7c","size":4107006,"data":"","first_seen":"2025-10-23T07:07:12.295077Z","last_seen":"2025-10-23T07:07:12.295077Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/favicon.ico","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:41.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secureorder.yerbamagik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 16:20:21 GMT","end":"Tue, 30 Dec 2025 17:20:15 GMT"},"fingerprint":{"sha1":"2D:CE:A1:65:0F:76:DD:A5:68:6B:FF:BD:7F:4A:96:45:16:21:FA:81","sha256":"77:6F:5C:BE:D6:BF:D8:42:0E:AA:2F:36:61:A4:84:99:59:DA:2E:AE:E5:47:AA:55:42:EB:93:9F:9B:6C:F9:D6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: secureorder.yerbamagik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://secureorder.yerbamagik.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Oct 2025 07:06:41 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2LQeGLJ5R17VvsVop8KaIj89w5sxPlHbdDKew5I99id5COQx87Tu7H%2BRWWngD7OvjCacW9thdmz7L3mo6UKRweOiU6xs7wvXTL57xXXqDxo5%2FYIiwYoAGvdN9fm%2BfzoXBYdmqOkkS2fhvpS2\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: MISS\r\nlast-modified: Thu, 23 Oct 2025 07:06:41 GMT\r\nexpires: Thu, 23 Oct 2025 11:06:41 GMT\r\nset-cookie: __cf_bm=n4gGXxyyQ5f3.uTvUNTUpqGzR28RK.k_eejgOwYHyuc-1761203201-1.0.1.1-XxyVUdlL6kJ52y09nKLsQNO6DSFbLmmVJxVN2nAdzAVrdc5_jL5hqkpYGubCMbVnzKdnC_j8.5VtwZHU4IqQ4ALgqS44CUkUHrqYA2xk9cE; path=/; expires=Thu, 23-Oct-25 07:36:41 GMT; domain=.ptsccb.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\ncf-ray: 992f64ab98a823eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":632,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (632), with no line terminators","md5":"a4f49fe9601b0428c00a99956b36ef21","sha1":"7718b35bafcc8347b73dede0daf9e43faafdb393","sha256":"28556073f4f5886ed64adb3106a16c8fcafd559753f54f19643855fc81fe893f","sha512":"71052426eae70dd68e3e179c815897ce059f10ac1129b551904a357bbd3c6e2f57b4eb426a66b75a4343cf2d1de2d3f564531100460c8ce0dc39eeb51e4b940f","ssdeep":"","tlshash":"21f07d53cc10c48da330467bee72b07cc98a790caa91bc64bcd654be48e4fa38c66955","first_seen":"2025-10-23T07:07:12.089788Z","last_seen":"2025-10-23T07:07:12.089788Z","times_seen":1,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"io.ecommcheckout.com/phoenix.min.js","fqdn":"io.ecommcheckout.com","domain":"ecommcheckout.com","tld":"com"},"ip":{"addr":"34.8.76.186","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:42.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"io.ecommcheckout.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 15:03:44 GMT","end":"Sun, 07 Dec 2025 15:57:17 GMT"},"fingerprint":{"sha1":"45:FE:11:D6:38:F9:0B:25:63:DF:C4:91:61:22:51:A6:CE:AB:30:9D","sha256":"D2:29:17:42:4D:89:7E:1A:F1:83:0A:D2:30:5B:0E:D6:B8:92:DB:C8:F5:0C:0E:16:1B:1A:A5:A0:A1:C5:0E:2A"}}},"request":{"raw":"GET /phoenix.min.js HTTP/1.1\r\nHost: io.ecommcheckout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://secureorder.yerbamagik.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-disposition: inline; filename=\"phoenix.min.js\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nserver: Google Frontend\r\nvia: 1.1 google\r\ncontent-length: 15691\r\nx-cloud-trace-context: 82ea1376a4cba2ae18ace65a449c7c66;o=1\r\ndate: Thu, 23 Oct 2025 07:00:45 GMT\r\nage: 357\r\netag: \"c604186db0e5af08d4e20974f4c1a80de8cf76be\"\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public,max-age=3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":48873,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48873), with no line terminators","md5":"ee9449ca9f784acc08c11deaa307d2f3","sha1":"c361c4b1a05fe25f7421331e4d8aac111179bcec","sha256":"71a6d3e3a7fb705d59e31afc16c4864ed5c69636ae44a8f941a70bd22338552f","sha512":"a853661d1640bec25663988699913983fb1b4055230a2d1d1f138703915be00315b2a0d63d2acb9d26ac573eaf1a1eb5019d9ca2f2c8e7de215c657f024f55d9","ssdeep":"768:6KAtkG1qyZUhPYqc1G27d89LT6VBqrWOPGNQ9ZweA9CV/UvFVx0yCJ2OPL9601MT:6KaUPUX26uApCpgpib0T","tlshash":"c223f8c5b360507243e261e384b64203f329a9593406809cbb6cdefb6b6ddc6b176f76","first_seen":"2025-10-23T07:07:12.107394Z","last_seen":"2025-10-25T13:29:32.58382Z","times_seen":2,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":295,"dns":20,"connect":43,"send":0,"wait":26,"receive":5,"ssl":230},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/928b69c76342/main.js?","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:42.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secureorder.yerbamagik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 16:20:21 GMT","end":"Tue, 30 Dec 2025 17:20:15 GMT"},"fingerprint":{"sha1":"2D:CE:A1:65:0F:76:DD:A5:68:6B:FF:BD:7F:4A:96:45:16:21:FA:81","sha256":"77:6F:5C:BE:D6:BF:D8:42:0E:AA:2F:36:61:A4:84:99:59:DA:2E:AE:E5:47:AA:55:42:EB:93:9F:9B:6C:F9:D6"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/928b69c76342/main.js? HTTP/1.1\r\nHost: secureorder.yerbamagik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=cFECFQI0t1xn..g9pFOgoqAtm4vd1waauFroqYUVBD0-1761203202-1.0.1.1-WsxeOcVQQQATO13aJWU3d9uRxKwjhLc55NQu.GM_nwz4g.7hpbiBSOIoThT8gIHT1BOdJZCzUiABbU6hPEDfhxdTyOAuqywsmH86IwFiL8U\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Oct 2025 07:06:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 992f64ad8d0623eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10196,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10196), with no line terminators","md5":"abe39fdad2c874b5812172356e6d0419","sha1":"6edf69222401ca4f94ca05077f432983376ed055","sha256":"f1b630493d82ca4cb8479e404ea1b276962f9edc6b46c7a2fb8e85812eba6caa","sha512":"83785932c07593f80325abb34e8795fdd73062fd38b857682d3728453be5de21b147b8b4268e13978e861adfe68fcc5cab6817f04e0a88a52feb7d90f292b6bf","ssdeep":"192:73/ytvRXrE2aTA70opeTDvEdTYGBzGNst5GP9qIpZggOhYEpl5C2jqPr:73/ytvRXrE2aTA7Bpe6HzgC6qasvpl56","tlshash":"c322f8c6be0273a496363485545f38e16ca9cd8e1442ea4f8340adf93c10f8c79bbe8d","first_seen":"2025-10-23T06:41:34.8511Z","last_seen":"2025-10-23T07:09:55.936794Z","times_seen":3,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4508954741309440.ingest.us.sentry.io/api/4509122548596736/envelope/?sentry_version=7\u0026sentry_key=92683330f74c5884500fa49859d3169d\u0026sentry_client=sentry.javascript.react%2F9.5.0","fqdn":"o4508954741309440.ingest.us.sentry.io","domain":"sentry.io","tld":"io"},"ip":{"addr":"34.120.195.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:47.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ingest.sentry.io","organization":"Sentry"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 24 Jul 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C4:C7:A0:3C:30:51:F2:AE:98:2C:88:9F:C7:8D:24:55:ED:C3:34:BD","sha256":"78:73:F7:3D:EE:58:1B:F8:9A:1E:17:AB:A3:70:00:86:76:EA:4E:AF:AB:F4:7B:34:5F:FA:39:D8:3B:5D:F4:B5"}}},"request":{"raw":"POST /api/4509122548596736/envelope/?sentry_version=7\u0026sentry_key=92683330f74c5884500fa49859d3169d\u0026sentry_client=sentry.javascript.react%2F9.5.0 HTTP/1.1\r\nHost: o4508954741309440.ingest.us.sentry.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://secureorder.yerbamagik.com/\r\nContent-Length: 62527\r\nOrigin: https://secureorder.yerbamagik.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 23 Oct 2025 07:06:47 GMT\r\ncontent-type: application/json\r\ncontent-length: 41\r\nvary: origin, access-control-request-method, access-control-request-headers\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"85483740ae369b2054ab4550d11009d8","sha1":"d8d58f102baa8957823006153c88252e4251b6b4","sha256":"101b5c2295223dbe2b7192e1246721630e4dbe86bbea0579228c596c3f2419ad","sha512":"5693e88e6a99746dd246c4645a829c5c0cb857a291e42d0b2e8b211dac808bbd38f309e0a0d867371b211544b9f8523b8d5b7eefb8c8605cbff98d6cb3e3005e","ssdeep":"","tlshash":"0b900410541f044540314cd30c53710d0cc47351c50c05744dd4433140105cf0347041","first_seen":"2025-10-23T07:07:12.14668Z","last_seen":"2025-10-23T07:07:12.14668Z","times_seen":1,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":192,"dns":43,"connect":25,"send":0,"wait":102,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-23T07:06:40.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secureorder.yerbamagik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 16:20:21 GMT","end":"Tue, 30 Dec 2025 17:20:15 GMT"},"fingerprint":{"sha1":"2D:CE:A1:65:0F:76:DD:A5:68:6B:FF:BD:7F:4A:96:45:16:21:FA:81","sha256":"77:6F:5C:BE:D6:BF:D8:42:0E:AA:2F:36:61:A4:84:99:59:DA:2E:AE:E5:47:AA:55:42:EB:93:9F:9B:6C:F9:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: secureorder.yerbamagik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Oct 2025 07:06:40 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=E.nWoUZDq9AQQ8_5bXLXC7xqxBgm_2YrPUj.HUgeH2A-1761203200-1.0.1.1-a5LSKM1i3YGCBSVJK2mM4M3qKeQzxz9kq7jPdtSJIizzPXbZdQfOlr60m.3Bqp_0bd.NU_Qs9RFv4xjR_ZEbSyEznlX7VMYn.3tPmqkHT7g; path=/; expires=Thu, 23-Oct-25 07:36:40 GMT; domain=.ptsccb.com; HttpOnly; Secure; SameSite=None\n__cf_bm=exOuWYkIkwXu1GSOf27XxxnNJuL86foh25eu4o_7Ei0-1761203200-1.0.1.1-myrUAmBp_Munz..RgJ8Mlovw8QuTdsEmPB8OzRd4ALS25zoWYoCIOny2roWvBzxpP5D4PvqTzwP6Kbdd96hs1eyhaLmM9arDZIPrGqB6sHA; path=/; expires=Thu, 23-Oct-25 07:36:40 GMT; domain=.ptsccb.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=UI5Ba8bMpXS0DWFGgmrVAfQheqFe9tSgHRfuzlCFmJuLvqhL78EEXkhEPyyFj5m56LRQQ5HjE2VMSu7drcxqVP0OKX0pGTKrvG%2FoVQoB3Xqr9Ve7j0vlvkx%2FJ%2B3xkPDkRZzuiKQrtbXAORg9\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 992f64a518f423eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1570,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1570), with no line terminators","md5":"151cf2d121ee35fc294cf739fa18c6cf","sha1":"d3b37ff38da0a61fb52cc5554ba6a7a09238419e","sha256":"fc59f7780889e80679853b30ad3c0868d43405a1795480139ad97fdd2aff2a21","sha512":"ee03e3a7e45b0018067db442dd84120eb95ea6b51848fedb7864824401fea082357c0e2085e3b4424459a912121891804cb5c61c9230052640f4c9ba6de0b771","ssdeep":"","tlshash":"5e315172ad118128d6a0416b357af3ac397270246b02e440e6adcc694c98fd308afc6e","first_seen":"2025-10-23T07:07:12.193679Z","last_seen":"2025-10-23T07:07:12.193679Z","times_seen":1,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":113,"dns":91,"connect":1,"send":0,"wait":51,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/static/css/main.33fb3295.css","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:41.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secureorder.yerbamagik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 16:20:21 GMT","end":"Tue, 30 Dec 2025 17:20:15 GMT"},"fingerprint":{"sha1":"2D:CE:A1:65:0F:76:DD:A5:68:6B:FF:BD:7F:4A:96:45:16:21:FA:81","sha256":"77:6F:5C:BE:D6:BF:D8:42:0E:AA:2F:36:61:A4:84:99:59:DA:2E:AE:E5:47:AA:55:42:EB:93:9F:9B:6C:F9:D6"}}},"request":{"raw":"GET /static/css/main.33fb3295.css HTTP/1.1\r\nHost: secureorder.yerbamagik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://secureorder.yerbamagik.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Oct 2025 07:06:41 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\netag: W/\"1eeb9de3cd709d157d546f1f1d6e964b\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=ZugG8W5YokGRCXH2qfxfczB242II0YvhfKinlplp3QI-1761203201-1.0.1.1-28ZPXre_lrKcImyLO_wIyAVPvwpc2hzq6prz_MiFYEMS1uvvKU67Kdj0gb3NKmSa0WcOFPHR3dWk7owpFCqxlrHuVavoGenUp2LyXlo7lAw; path=/; expires=Thu, 23-Oct-25 07:36:41 GMT; domain=.ptsccb.com; HttpOnly; Secure; SameSite=None\n__cf_bm=HndXV7qVCsZwMJRwOnlbWkGciteIo0UgR.Q7lY55ZpU-1761203201-1.0.1.1-DNqdjVW.BSRew6bAhGzynjPDQ1QX44bgTxY6ablB.eXAm.juWX5_Jp2A6v9mx7PKO8c6tf5b9sD42vhOCsHTPDz7QzMxoRpSifHdmNFJF7Y; path=/; expires=Thu, 23-Oct-25 07:36:41 GMT; domain=.ptsccb.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rwgMC29mILupgFfeJ63PuNect5wWk95hWMr%2FAnWQYEQ389QQ0kWDYCM8csQaoQ5tcVKbe0J2GERgKKro8f0q03OR3fn4UOomSCaHECsXbKYrR1uuVt%2BKz6wI4Qjvaof3Sl7Jhs2fm%2BhPzY8r\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Oct 2025 11:06:41 GMT\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncf-ray: 992f64a6bc1e23eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":306250,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65453)","md5":"7b7cebb73aeb1a520d174c693393730e","sha1":"63b06c388ebbb49ce60fa54f7452625cc381269f","sha256":"ee14ed7d33cde825c41a03dbf48b8dfaa348045e7f9b92798b867d2912877aa8","sha512":"79ac6c5251703eb36fc6fcf52965186dfa5a069fa1c4cd106b2b8eb50b10a588747f9be889b34fabe7dcfd2e318b689ab86c47479511024ad8d0706c2625b0f3","ssdeep":"6144:PHP8rvhYt1GCVBahd9OE8VBVDgCEkoxLyhW3xQTxPSxFxLBJpeAQegTgAZg5rsXw:2hd9OE8VBVDgCEkoxL4IA6J27H8bRtm4","tlshash":"72541a19f749143f6837c876b1c8fbaca11be096dd3759eef48066058aca3eb0752718","first_seen":"2025-10-23T07:07:12.203297Z","last_seen":"2025-10-23T07:07:12.203297Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/static/js/main.cf480e60.js","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:41.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secureorder.yerbamagik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 16:20:21 GMT","end":"Tue, 30 Dec 2025 17:20:15 GMT"},"fingerprint":{"sha1":"2D:CE:A1:65:0F:76:DD:A5:68:6B:FF:BD:7F:4A:96:45:16:21:FA:81","sha256":"77:6F:5C:BE:D6:BF:D8:42:0E:AA:2F:36:61:A4:84:99:59:DA:2E:AE:E5:47:AA:55:42:EB:93:9F:9B:6C:F9:D6"}}},"request":{"raw":"GET /static/js/main.cf480e60.js HTTP/1.1\r\nHost: secureorder.yerbamagik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://secureorder.yerbamagik.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Oct 2025 07:06:41 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\netag: W/\"1848fffb26818f0c7ff0f2cf33618126\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=0IUDwzVGEKXuxCMIkckJamAQ3sR3Yq2LK9MQQFTiXJY-1761203201-1.0.1.1-zV1BrduMP0fK21GWd4a8G.mSoFZfckw.RjhvjEiizHrv_yuAaLPSE7N8x.ku9Wpc5n1.48kgmcbgyWy.hO6nNrvssh7cq7Zxm2_nQCKSKmA; path=/; expires=Thu, 23-Oct-25 07:36:41 GMT; domain=.ptsccb.com; HttpOnly; Secure; SameSite=None\n__cf_bm=Vy7BRqi8KDdnjsdMtpxEsTEaIT7GPs1qfYOlaJqdLs4-1761203201-1.0.1.1-c5vcJaB6n6JNYRpuFU0gvJT0BBVsrx4Ct4aLiQqpLZdvBim_LNLcbIU9UHI30V4m.k8T3wGVfal8SsMJiXR9y_kmZ0v4cfvxU6mr4zPG99M; path=/; expires=Thu, 23-Oct-25 07:36:41 GMT; domain=.ptsccb.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=HzndR1goLZo9xeFvH92hnxnoEhRkk2A8KahMy6TIXz5tMMx65H8KAsqNDJ9PWsuCyXe0qmUhJoQ7rOxG6fskS%2BJzfZT2JNNYKBFrVGgr27uu34W56j4bvQJ1NPr3CDciYrB9DpAn%2BOb6OQj2\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nexpires: Thu, 23 Oct 2025 11:06:41 GMT\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncf-ray: 992f64a6bc1c23eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":4107006,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"9e72cf94adc7a064dc58cd320e2d96a3","sha1":"d2c9b8fd742188ffd4550ec7934df0f30d9d377a","sha256":"4b3a477f65f2493451d7a846e798237caf4455c61fbc20f472a0866460a1cd10","sha512":"ebb7426fae84659731f4a57e18997acf6557e7c4b2a1d356208e7f0d0587b0ee2bd49770050c4087546efba80895de21d40f7fac942fd0049ceb800de64e0015","ssdeep":"12288:STX3/cXe2IbeqPHb2qQiq5WMDSJDTBIlQB7RZ6Sl8Af3hQtCuMzzn2IkzL79e:83dbVeDeBIlSRZ6SlXWtC3uIkzL79e","tlshash":"6825f8a8e753b4dcf83bcca5e07b442ee22e3b0591854564f9eb1cc511887c9725afb8","first_seen":"2025-10-23T07:07:12.215958Z","last_seen":"2025-10-23T07:07:12.215958Z","times_seen":1,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:42.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secureorder.yerbamagik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 16:20:21 GMT","end":"Tue, 30 Dec 2025 17:20:15 GMT"},"fingerprint":{"sha1":"2D:CE:A1:65:0F:76:DD:A5:68:6B:FF:BD:7F:4A:96:45:16:21:FA:81","sha256":"77:6F:5C:BE:D6:BF:D8:42:0E:AA:2F:36:61:A4:84:99:59:DA:2E:AE:E5:47:AA:55:42:EB:93:9F:9B:6C:F9:D6"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: secureorder.yerbamagik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 23 Oct 2025 07:06:42 GMT\r\ncontent-length: 0\r\ncf-ray: 992f64ad3c7b23eb-OSL\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/928b69c76342/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\nset-cookie: __cf_bm=cFECFQI0t1xn..g9pFOgoqAtm4vd1waauFroqYUVBD0-1761203202-1.0.1.1-WsxeOcVQQQATO13aJWU3d9uRxKwjhLc55NQu.GM_nwz4g.7hpbiBSOIoThT8gIHT1BOdJZCzUiABbU6hPEDfhxdTyOAuqywsmH86IwFiL8U; path=/; expires=Thu, 23-Oct-25 07:36:42 GMT; domain=.secureorder.yerbamagik.com; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10196,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secureorder.yerbamagik.com/cdn-cgi/challenge-platform/h/g/jsd/r/0.13467180669464804:1761199903:RHZC3nLpjmx77y1RiQG-MQwXHhR91PptUokYZZnPSI4/992f64a518f423eb","fqdn":"secureorder.yerbamagik.com","domain":"yerbamagik.com","tld":"com"},"ip":{"addr":"104.18.0.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:42.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secureorder.yerbamagik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 16:20:21 GMT","end":"Tue, 30 Dec 2025 17:20:15 GMT"},"fingerprint":{"sha1":"2D:CE:A1:65:0F:76:DD:A5:68:6B:FF:BD:7F:4A:96:45:16:21:FA:81","sha256":"77:6F:5C:BE:D6:BF:D8:42:0E:AA:2F:36:61:A4:84:99:59:DA:2E:AE:E5:47:AA:55:42:EB:93:9F:9B:6C:F9:D6"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.13467180669464804:1761199903:RHZC3nLpjmx77y1RiQG-MQwXHhR91PptUokYZZnPSI4/992f64a518f423eb HTTP/1.1\r\nHost: secureorder.yerbamagik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12103\r\nOrigin: https://secureorder.yerbamagik.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secureorder.yerbamagik.com/\r\nCookie: __cf_bm=cFECFQI0t1xn..g9pFOgoqAtm4vd1waauFroqYUVBD0-1761203202-1.0.1.1-WsxeOcVQQQATO13aJWU3d9uRxKwjhLc55NQu.GM_nwz4g.7hpbiBSOIoThT8gIHT1BOdJZCzUiABbU6hPEDfhxdTyOAuqywsmH86IwFiL8U\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Oct 2025 07:06:42 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 0\r\ncf-ray: 992f64aeafbb23eb-OSL\r\nset-cookie: cf_clearance=F.AEf6fXPIfUvFQVq2VYhsZWUcuGla5SJ3qr7RenMog-1761203202-1.2.1.1-5DVtRDRyUv9MRdTfoKTyJVKxB7EQf9MjvoRyWcISpAto95gdhYsR2I01VI1onVfOpngpw3H1uEGiBZeF00vX_KubDaBJxhE2pUEDtAuE7VknVS87bWpjDy9tmBXkGdgRGCY8Zr_Ohc8S38RMEwoVCVUU67ZFMK3tSEGrXBju9tzFz.MqIfopd.iEeiA.VnzuH_FJwBFJrrmV5li1E8w4aySUZiRdyAVMmGIv9FEn18A; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=yerbamagik.com; Expires=Fri, 23 Oct 2026 07:06:42 GMT\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"io.ecommcheckout.com/ws/?EIO=4\u0026transport=websocket","fqdn":"io.ecommcheckout.com","domain":"ecommcheckout.com","tld":"com"},"ip":{"addr":"34.8.76.186","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:42.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"io.ecommcheckout.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 15:03:44 GMT","end":"Sun, 07 Dec 2025 15:57:17 GMT"},"fingerprint":{"sha1":"45:FE:11:D6:38:F9:0B:25:63:DF:C4:91:61:22:51:A6:CE:AB:30:9D","sha256":"D2:29:17:42:4D:89:7E:1A:F1:83:0A:D2:30:5B:0E:D6:B8:92:DB:C8:F5:0C:0E:16:1B:1A:A5:A0:A1:C5:0E:2A"}}},"request":{"raw":"GET /ws/?EIO=4\u0026transport=websocket HTTP/1.1\r\nHost: io.ecommcheckout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://secureorder.yerbamagik.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: ZwbCQj5c+RmvakXEDBCQ2A==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nsec-websocket-accept: mbrEmdthq3HmdV6uq7UJDlrWbhQ=\r\naccess-control-allow-origin: *\r\ndate: Thu, 23 Oct 2025 07:06:42 GMT\r\nserver: Google Frontend\r\nx-cloud-trace-context: 74438e7e686e2ec019fb97048678f4d7/6333733046224424648\r\ntraceparent: 00-74438e7e686e2ec019fb97048678f4d7-57e5f0a5e25c0ec8-00\r\nvia: 1.1 google\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":1,"connect":13,"send":0,"wait":168,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:42.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Sep 2025 03:22:08 GMT","end":"Thu, 04 Dec 2025 04:21:53 GMT"},"fingerprint":{"sha1":"E6:3E:4F:B3:FC:53:DD:27:D8:25:AA:72:59:23:FF:63:FD:4F:1C:73","sha256":"B4:1F:47:61:EC:D3:B5:F8:B4:5E:F2:BF:CD:E8:CA:5A:7F:1E:80:E0:D8:8E:F2:70:3C:14:BB:81:DE:13:23:9A"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://secureorder.yerbamagik.com/\r\nOrigin: https://secureorder.yerbamagik.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Oct 2025 07:06:42 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 992f64afa8844c11-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-05T13:27:22.581064Z","times_seen":83173,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":21,"dns":0,"connect":2,"send":0,"wait":127,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://secureorder.yerbamagik.com/","date":"2025-10-23T07:06:42.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Sep 2025 03:22:08 GMT","end":"Thu, 04 Dec 2025 04:21:53 GMT"},"fingerprint":{"sha1":"E6:3E:4F:B3:FC:53:DD:27:D8:25:AA:72:59:23:FF:63:FD:4F:1C:73","sha256":"B4:1F:47:61:EC:D3:B5:F8:B4:5E:F2:BF:CD:E8:CA:5A:7F:1E:80:E0:D8:8E:F2:70:3C:14:BB:81:DE:13:23:9A"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://secureorder.yerbamagik.com/\r\nOrigin: https://secureorder.yerbamagik.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 23 Oct 2025 07:06:42 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 992f64afa8884c11-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-05T13:27:22.581064Z","times_seen":83173,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":23,"dns":0,"connect":1,"send":0,"wait":105,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}